Cisco ASA Reset to Factory Defaults

Posted on 2009-02-14
Last Modified: 2012-05-06
I reset my ASA to Factory Defaults and compaired the "sh ru" to a new ASA.
The folowing is included on the one I reset.  How do I get rid of these entries?

class-map inspection_default

 match default-inspection-traffic



policy-map type inspect dns preset_dns_map


  message-length maximum 512

policy-map global_policy

 class inspection_default

  inspect dns preset_dns_map

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect rsh

  inspect rtsp

  inspect esmtp

  inspect sqlnet

  inspect skinny

  inspect sunrpc

  inspect xdmcp

  inspect sip

  inspect netbios

  inspect tftp


service-policy global_policy global

Open in new window

Question by:Bob
    LVL 4

    Expert Comment

    Why do you want to get rid of them? these commands control basic firewall function. you can take them out by "clear config policy-map".

    Author Comment

    Just did not see them in a running config on a new ASA.

    Wasn't sure if it was something left over from a previous configration.

    My enable password did not change so I wasn't sure
    LVL 4

    Expert Comment

    it is part of the factory setting.
    LVL 9

    Accepted Solution

    As all the others say its a part of the factory defaults.

    You can always negate them the with "no"

    no service-policy global_policy global
    no policy-map global_policy
    no policy-map type inspect dns preset_dns_map
    no class-map inspection_default


    Author Closing Comment

    Thanks for the Help

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    Suggested Solutions

    I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
    PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    732 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now